Wednesday, September 30, 2009

Free anti-virus: MS joins the fray

MS has produced a free anti-virus program. It rivals the best- which are Avira's Antivir and Alwil's avast! There's a nice review here, based in part on detection rates, where MS, Antivir and avast! do well. Antivir comes out on top, but largely due to avast!'s counter-intuitive scanner GUI- which is due to be replaced when avast! 5 comes out very soon.
One point to note is that if you have set up limited user accounts for family members, those limited users will be able to disable protection if you use Antivir, because the limited user password setting is only available in the paid version; with avast!, you can set a password so limited users will not be able to disable AV protection.
UPDATE: More on the recent test of detection rates here.

Saturday, September 26, 2009

Your operating system is not supported...

Looking into cable modem problems in Ubuntu recently, I came across a few horror stories about Comcast, the American ISP. Technicians who have never heard of Linux and insist they can only install the Internet to a Windows computer, that sort of thing. So it was a surprise to come across this blog post by a guy called Linus.
I guess it all depends on who you are, or possibly what you know.
So I need to provision it (ie letting Comcast know about the new modem MAC address), so I call up Comcast. It being a Sunday afternoon, I was expecting that I'll just have to wait for Monday to get it sorted out. But no, not only is there a friendly tech who is greeting me with neither silly muzak nor waiting, but she's happy to get my all provisioned and up and running with a new cable modem in minutes (ok, so it took more than a couple of minutes, but a lot of it was literally waiting for the new cable box to boot up a few times).
The clue in the image above is the telephone number: just call and ask for the ISP to provision your modem seems to be the answer.

Ubuntu and cable modems

The other day I was trying to help somebody on the Ubuntu forum get an internet connection. I didn't notice at first that it was a cable modem (of which I have zero experience), but when I did, I decided to look into how they work. (The thread is here.)
There seems to be a lot of confusion around as to how to get a cable modem connected and working with Linux, how to solve connection problems, and how to connect a different computer or a router.
Here are the myths:
  • Cable companies only support Windows or Mac.
  • You'll need to spoof the MAC address of the computer originally connected to the modem in order to connect another computer or a router.
Here's the reality:
  • ISP software may only work with Windows or Mac, and technicians may only know about Windows and Mac, but there's actually no obstacle to getting a connection. A modem connected to a cable network needs to be "provisioned": the cable company needs to know the MAC address of the modem. They can do this at their end, or the cable guy can do it at your end. If it's done at your end, the cable guy will need Windows or Mac. If you have Linux, the advice is: just get the cable guy to connect the modem and tell him you'll call the provider service line to provision the modem.
  • After connecting a different computer or a router to a cable modem, power down the modem for 10 minutes before connecting (the computer and/or router should be off while connecting too). Power up the modem> (router)> computer and everything should be fine (no need for spoofing). A good guide is here.
In Ubuntu, make sure DHCP is enabled unless the cable Internet provider has told you to use a static IP address.
The original poster at the Ubuntu forum thankfully managed to get his connection working, despite my fumbling around for a solution.

Thursday, September 17, 2009

No DSL Internet in Ubuntu?

This seems to be a fairly common issue for Ubuntu users, perhaps because many people have their broadband service installed by a technician, or insert a Windows CD from their ISP to walk them through the process. Faced with a router, a cable or two, and a fresh installation of Ubuntu (or other Linux distribution), getting a DSL Internet connection seems an impossible task.
In fact, it's quite simple- if your modem has an Ethernet cable. (USB modems are the work of the devil as far as Ubuntu is concerned- they all require proprietary drivers, which Ubuntu doesn't supply. They can be got to work, but it's a tricky job even for somebody familiar with Ubuntu. Other Linux distributions may work "out of the box" with a USB modem, but that's not the subject of this post- anyway, an Ethernet connection is faster, doesn't require any extra software of firmware, and leaves a USB port free.) If your modem has a choice of USB and Ethernet connection, use the Ethernet cable.
Plug in the modem (phone line, Ethernet and power), open a web browser on the computer and type in the modem/router's IP address- this should be four numbers separated by dots, something like this:,, according to the manufacturer- If it's not in the documentation, Google the make of you modem/router and you should find the address quite easily.
If you can see the set-up screen of the modem/router, it's just a question of making sure the router has the right settings. (If you're unlucky enough to find that your router is not configured via a web browser, have a look at this Ubuntu guide.)
If a computer has been connected to the modem/router before, then the modem/router will probably have been set up to connect to an ISP service, and the modem/router may assign your computer an IP address so your computer can access the internet via the router/modem. (If there's no connection, try enabling DHCP (a service which automatically assigns an IP address to connecting computers), otherwise you will have to tell Ubuntu to use a static IP address. DHCP is the easiest method.)
If you're connecting for the first time, or changing ISP, you will have to tell the modem/router how to connect to your ISP service. Typically this involves entering your username and password, and settings for Protocol, VPI, VCI and Encapsulation. These details for most ISP's in the world can be found here.
This should be enough to get you connected to just about any ISP in the world with many makes and models of Ethernet modem/router. Got a USB modem/router? Well, connection may be possible, but help is beyond the scope of this post. Try this Ubuntu guide, or the Ubuntu Forums- also a good source of advice for connection problems not covered in this (very basic) guide.

Tuesday, September 15, 2009

Opera on Ubuntu

Opera is a great browser for Windows, and it works on Linux too. In Ubuntu it's available in the Canonical Partner Repository (free software that is not open source), so no need to use an installation file, and updates will be available through Update Manager.
However, updates can be slow to appear. Opera has its own repository, to which updates are added much more quickly.
I'd been using that repository for quite a while, when I began to get messages from Update Manager that the repository could not be found- some research revealed it had been moved. I couldn't find the new location, so just removed the repository.
With the release of Opera 10 recently, I was impatient to try the new version on Ubuntu, but the Canonical repository still had the old version. I searched again for the location of the Opera repository, and found it- but this time I just couldn't get the key to work.
I found the solution here- the answer was in this comment. Copying and pasting the key had transformed an emdash into a hyphen- to the eye, the same thing, but in a Terminal command, very different.
Thanks to Kyle Baker and greenpossum.

Sunday, September 13, 2009

Favicon malware

Nothing could seem more innocent than a favicon. It's the little website icon that sits next to the website address in the browser address bar and is added to your list of favourites (or bookmarks according to the browser you're using). But the little favicon.ico can be infected with malware. (See here and here.)
Nothing is more frustrating than a malware detection from your anti-virus program which reappears every two minutes whatever you do, as seen here on the avast! forum, and here detected by AVG- favicon malware was the cause both times, of course.
But why was the malware reappearing every two minutes? My best guess is that IE was downloading missing favicons, either after the cache had been cleared, or malicious favicons deleted.

Microsoft anti-Linux FUD

Microsoft doesn't want you to use open source software. And the way they get you not to use open source software is through FUD. The latest example can be found here, where MS is "indoctrinating" sales staff in the reasons customers wouldn't be happy with Linux.
Now it's perfectly true that Linux doesn't run Windows programs. If you really want to run MS Word, you'll need Windows; but if you use Open Office, you won't. Fair enough, customers should know this.
Linux doesn't run Windows games* (*Some will run in Wine, but the performance can be poor.) If customers want a games machine, they'll need Windows, fair enough, although I actually think a dedicated games console can be a better option- games take up huge amounts of disc space, require a powerful video card which can add the price of a games console to a PC, and if my experience with Half Life is anything to go by, can rip a HD to shreds with crashes while reading or writing to the HD leaving bad sectors.
Now we come to hardware. My printer, camera, MP3 player, wireless dongle and external hard drive all ran out of the box on Ubuntu Linux. I had to install some firmware for the scanner to work, but I'd've had to install a driver for it to work in Windows- in fact my printer doesn't work in Windows because I haven't installed the driver. Good manufactures support standards and Linux, and their hardware works in Linux. (HP is a shining example.) Verdict: FUD.
Finally, Internet Messaging. No, you can't get Window's Live Messenger on Linux. Yes, you can have IM with a multi-protocol IM client* like, in Ubuntu, Pidgin. (* Supports multiple accounts- MSN, Yahoo!, Google, ICQ etc.) No, Pidgin doesn't support video chat on MSN (and I don't know of any Linux IM client that does.) Linux does have Ekiga, a free video chat client, and Pidgin does support video chat on GMail, but I can see that it's not going to be convenient for a Windows users to get used to a new IM program, or a Linux user to video chat to a Windows user.
This is a big turn-off for prospective Linux users, or indeed, purchasers of Linux computers (netbooks, probably) who ask: where's Windows Messenger?
This is of course intentional: that's the way Microsoft works: get you used to their product so it's just too much effort to change.
Verdict:FUD. There's no reason to be locked in to Windows. There are alternatives to the Microsoft IM network.

Thursday, September 10, 2009

The CCleaner for Ubuntu?

CCleaner is an essential application for Windows. Ubuntu users occasionally ask about an equivalent for their operating system, usually to be told that it isn't necessary- Linux is not Windows.
Well, I think I've found the CCleaner for Ubuntu. It's called BleachBit, and on my computer it found 600MB of "junk": not an insignificant amount on a 10GB /home partition.

Fake Flash For Firefox

Sophos analysts have discovered a piece of malware masquerading itself as a flash player plugin for the Firefox browser:

When the file runs, it pretends to install the adobe flash player for your browser.

Upon restarting Firefox after the installation is complete, Firefox shows an extension has been installed as “Adobe Flash Player 0.2″.

Troj/FFSpy-A monitors your Google searches and sends this information to a remote server. It also inject ads into the web pages you are viewing based on the keywords you have used in your search.

This piece of malware seems to be spreading itself via internet forums pretending to be the installation file for the adobe flash player. To reduce the risk of infection, the user should avoid downloading executables from unknown and untrusted sources.
Let's be careful out there!

I am alive

A symptom of malware infection is often browser redirects- that's when the page you see isn't the page you asked for. It's usually something subtle- a page that looks just like your Internet banking page, but is actually an attempt to steal your password, or a Google search which displays injected malicious links.
Here's an example of an unexpected and mysterious redirect from the Ubuntu forum. The redirected page reads simply "I am alive", apparently the result of a router DNS hijack.
Is it a joke? Perhaps not. Could it possibly be the result of an error on the cyber villains' proxy server, which sits between you and the web site you intended to visit- "I am alive" is a message sent between routers on a network. My best guess is that the victim was never intended to see this message and has received an internal network message in place of a phoney web page.
The moral of the story is: when investigating possible browser redirects, don't neglect to check the router, and all other computers on the network.

Tuesday, September 8, 2009

Anti-Virus scams

Have you ever been surfing the web and found yourself looking at a convincing looking anti-virus scan of your computer running on your screen, which tells you that you're infected with numerous viruses? It's a scam!
The anti-virus "program" is just an animation on a web page, the virus infections non-existent. The idea is to scare you into paying for a fraudulent (scam) anti-virus program devised by the Eastern-European Cyber-Mafia.
These fake anti-virus pages are served up by hacked web sites, hacked advertisements on web sites, or by "poisoned" Google search results: you can come across them browsing perfectly legitimate sites.
As well as trying to con you into thinking your computer is infected, most of these pages will also try to infect your computer with a Trojan horse by means of an exploit. This is a way of installing malicious software on your computer without you clicking 'yes' to anything. (A drive-by download.) If your computer is not 100% up-to-date and secure, you could end up with a scam anti-virus actually installed on your computer, and they are very hard to remove.
How can you deal with these scam anti-virus attacks, and stay safe from rogue programs?
Keep all web-facing software on your computer up to date. This includes browsers and multimedia applications like Flash. The best way to do this is to use Secunia Personal Software Inspector- it wil scan your computer for out-of-date software and provide a download link for a security update.
If you do then come across a fake anti-virus scan on a web page, ignore the scam and close the browser tab or window.
Security Fix has more information.
If you are unlucky enough to get infected with a scam anti-virus program, your best advice is to try Malwarebytes' Anti-Malware or SUPERAntiSpyware Free. Both programs are free to use- although paid versions are also available.
UPDATE: Readers of the New York Times website have seen such a scam, as reported here.

Are you safe with a free anti-virus?

Do you really need to pay for an anti-virus program if you're a home user when there are several free programs available. Symantec says yes.
Well, I've seen computers running Symantec anti-virus infected with malware (a more generic name for any sort of malicious program- virus, Trojan, spyware, worm), and come across posts on the internet from people in the same situation. Having Symantec anti-virus does not mean you'll never get infected. Symantec will get rid of any infection for you, but you'll have to pay $99 if it's not one the program can handle automatically. That's on top of the original purchase fee.
Are you any less likely to get infected with Symantec (or any of the other paid anti-virus programs) than if you're using a free anti-virus program?
Honestly, you can get infected running the best anti-virus in the world (whatever that is) if your security habits are bad, and stay safe with the worst if your security habits are good, but judging by detection rates, the free anti-viruses offer good protection.
An additional advantage of avast! is the excellent forum: if you do catch something nasty online, you can get help to remove the infection for free.
The advice here is to use a free anti-virus for home use and save yourself the fees. Links can be found in the Security Watch article linked to above.